Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA 5505 8.3.2 port forwarding

Hello,

I'm used to configure ASA with version 8.0. Since version 8.3 is installed on our ASA's port forwarding isn't function any more.

Can someone help me with the configuration. Allready tried various options, but nothing works.

Also can't see the traffic coming to the ASA.

I've copied my configuration in attachement.

Thanks in advance.

Jean-Luc

3 REPLIES
Hall of Fame Super Blue

Re: ASA 5505 8.3.2 port forwarding

Connexus1 wrote:

Hello,

I'm used to configure ASA with version 8.0. Since version 8.3 is installed on our ASA's port forwarding isn't function any more.

Can someone help me with the configuration. Allready tried various options, but nothing works.

Also can't see the traffic coming to the ASA.

I've copied my configuration in attachement.

Thanks in advance.

Jean-Luc

Jean-Luc

static (inside,outside) tcp 177.10.10.10  80 192.168.5.10 80

is pre 8.3 and as you know means any request received for 177.10.10.10 port 80 should be forwarded to the inside server 192.168.5.10 on port 80.

8.3 equivalent -

network object web-server

host 192.168.5.10

nat (inside,outside) static 177.10.10.10 service tcp 80 80

You may also find this doc useful which gives examples for pre 8.3 NAT and it's 8.3 equivalent -

ASA NAT

Jon

New Member

Re: ASA 5505 8.3.2 port forwarding

Hello Jon,

Thanks for the advice, but i've allready tried this commands.

In this exact order. Only with port 3389 (RDP)

Still this doesn't seem to work.

I've retried it with there commands:

object network ....

host

nat (inside,outside) static interface service tcp 3389 3389

and the following firewall rule:

access-list outside_access_in extended permit tcp any host eq 3389

Also applied the rule by entering:

access-group outside_access_in in interface outside

Still don't see any of the traffic coming to the ASA.

Could it be that this rule is a problem??

nat (inside,outside) source dynamic any interface

Please let me know.

New Member

Re: ASA 5505 8.3.2 port forwarding

Try to change the order of your nat rules. Move the rdp rule up, to first. You can do this fine with ASDM gui.

regards

Joachim P.

1250
Views
0
Helpful
3
Replies
CreatePlease to create content